mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-28 05:29:48 +00:00
ec9a17067c
up-to-the-second blackhole list server designed to monitor global network activity and make decisions based on network spread and infection rate - that is, abuse from an address which has been reported by a number of participating networks. This is in far contrast to how most other blacklists function, where fallable humans (many with political agendas) must process thousands of reports and make decisions - many times after the fact. The RABL is fully reactive to new threats and can block addresses within seconds of widespread infection - good to know in this world of drone PCs and stolen accounts. The RABL server blacklists addresses until they have cleared a minimum duration (an hour by default) without any additional reporting, making the appeals process as simple as "fix your junk". The RABL is designed to function via automated machine-learning spam filters, such as Bayesian filters. Each participating network is granted write authentication in the blackhole list, to prevent abuse. A client tool is also provided. The RABL client is the lookup and reporting component of the RABL. It is necessary for performing streaming connection lookups and writing to the RABL (assuming you have an account). PR: 87096 Submitted by: Ion-Mihai "IOnut" Tetcu <itetcu@people.tecnik93.com>
22 lines
1.3 KiB
Plaintext
22 lines
1.3 KiB
Plaintext
The RABL (pronounced "rabble") server is a statistical, machine-automated and
|
|
up-to-the-second blackhole list server designed to monitor global network
|
|
activity and make decisions based on network spread and infection rate -
|
|
that is, abuse from an address which has been reported by a number of
|
|
participating networks. This is in far contrast to how most other
|
|
blacklists function, where fallable humans (many with political agendas) must
|
|
process thousands of reports and make decisions - many times after the fact.
|
|
The RABL is fully reactive to new threats and can block addresses within
|
|
seconds of widespread infection - good to know in this world of drone PCs
|
|
and stolen accounts. The RABL server blacklists addresses until they have
|
|
cleared a minimum duration (an hour by default) without any additional
|
|
reporting, making the appeals process as simple as "fix your junk". The RABL
|
|
is designed to function via automated machine-learning spam filters, such as
|
|
Bayesian filters. Each participating network is granted write authentication
|
|
in the blackhole list, to prevent abuse. A client tool is also provided.
|
|
|
|
The RABL client is the lookup and reporting component of the RABL. It is
|
|
necessary for performing streaming connection lookups and writing to the RABL
|
|
(assuming you have an account).
|
|
|
|
WWW: http://www.nuclearelephant.com/projects/rabl/
|